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Response to Arguments 

1 . Applicant's arguments filed December 18, 2007 have been fully considered but 
they are not persuasive. 

With regard to claims 14,15,21, Applicant states that "Basso fails to disclose or 
suggest the handling of shared services available to a plurality of virtual private 
networks in any manner", and further states "RFC 2663 says nothing about shared 
services, where each of the shared services is available to each of the VPNs" and 
about updating routing tables associated with all of the VPNs. Amendment B, dated 
December 18, 2007, p. 15, para. 1. However, Examiner respectfully disagrees. Claim 
1 4 recites "maintaining a plurality of sets of routing information, each of the sets of 
routing information being associated with a different one of a plurality of virtual private 
networks; ... and updating the plurality of sets of routing information Claim 14 does 
not recite updating routing tables associated with all of the VPNs. Therefore, 
Applicant's statements do not apply to claim 14 and its dependent claims. 

In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., updating routing tables associated with all of the VPNs) are not recited in the 
rejected claim(s). Although the claims are interpreted in light of the specification, 
limitations from the specification are not read into the claims. See In re Van Geuns, 988 
F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 
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With regard to claims 6,7,10, Applicant amended these claims into independent 
claims and they were rejected in the last Office Action, dated October 12, 2007. 
However, Applicant did not address these rejections in Amendment B, dated December 
18,2007. 

Claim Rejections - 35 USC § 103 

2. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

3. Claims 6,7,14,15,21-24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Basso et al. (US 2004/0174879) in view of RFC 2663 (IP NAT). 

With regard to claim 6, Basso discloses NAT translation comprising: 
maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
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table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); and 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]). 

However, Basso fails to explicitly show translating the IP source address from a private 
address to a public address when the packet is received from a network device in a 
private network. 

RFC 2663 discloses translating the IP source address from a private address 
(private network) to a public address (external network) when the packet is received 
from a network device in a private network (hosts in a private network) ("[IP] 
Address translation allows hosts in a private network to transparently 
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communicate with destinations on an external network and vice versa", 1. 
Introduction). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine translating the IP source address from a private address to a 
public address when the packet is received from a network device in a private network 
as taught in RFC 2663 with Basso, to provide for transparent routing. RFC 2663, 
Section 2.2. 

With regard to claim 7, Basso discloses NAT translation comprising: 

maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 
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identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); and 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]). 

However, Basso fails to explicitly show translating the IP source address from a public 
address to a private address when the packet is received from a network device in a 
public network. 

RFC 2663 discloses translating the IP source address from a public address 
(external network) to a private address (private network) when the packet is received 
from a network device in a public network (vice versa) ("[IP] Address translation 
allows hosts in a private network to transparently communicate with destinations 
on an external network and vice versa", 1. Introduction). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine translating the IP source address from a public address to a 
private address when the packet is received from a network device in a public network 
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as taught in RFC 2663 with Basso, to provide for transparent routing. RFC 2663, 
Section 2.2. 

With regard to claims 14,22-24, Basso discloses NAT translation comprising: 

maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
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and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); and 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]). 

However, Basso fails to explicitly show receiving a default route advertised by a network 
device providing one or more shared services, wherein each of the shared services is 
available to each of the plurality of virtual private networks; and updating each of the 
plurality of routing tables to include the default route to the network device providing one 
or more shared services available to each of the plurality of virtual private networks. 

RFC 2663 discloses NAT translation comprising receiving a default route (it is 
inherent that there is at least one established route) advertised (advertised) by a 
network device (network from the external realm) providing one or more shared 
services (network from the external realm may be advertised within the private 
network, Section 4.1. Traditional NAT) (See also Section 2.7. External network) 
and updating each of the plurality of routing tables to include the default route 
(updating routing table is inherent in NAT). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine receiving a default route advertised by a network device and 
updating each of the plurality of routing tables to include the default route as taught in 
RFC 2663 with Basso, to provide for transparent routing. RFC 2663, Section 2.2. 
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With regard to claim 1 5, Basso further discloses each of the sets of routing 
information corresponding to each virtual private network is stored in a separate routing 
table (a plurality of routing tables, para. [0028]). 

With regard to claim 21, the combination of Basso and RFC 2663 discloses the 
method as recited in claim 14. 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine updating each of the plurality of routing tables to include the 
default route because it is inherent (updating routing table is inherent in NAT) with 
Basso and RFC 2663, to provide for transparent routing. RFC 2663, Section 2.2. 

4. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Basso 
and RFC 2663 as applied to claim 7 above, and further in view of RFC 2547 
(BGP/MPLS VPNs). 

With regard to claim 8, the combination of Basso and RFC 2663 disclose the method 
as recited in claim 7. However, the combination fails to explicitly show the network 
device in the public network provides one or more services to each of the virtual 
private networks. 

RFC 2547 discloses the network device (service provider) in the public network 
(enterprise network) provides one or more services (IP backbone services) to each 
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of the virtual private networks (VPNs) ("a Service Provider with an IP backbone may 
provide VPNs ... to support the outsourcing of IP backbone services for 
enterprise networks Abstract). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine the network device in the public network provides one or more 
services to each of the virtual private networks as taught in RFC 2547 with Basso and 
RFC 2663, to provide services to VPNs. 

5. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Basso 
in view of Ferguson et al. (U.S. Pat No. 7,227,867). 

With regard to claim 10, Basso discloses NAT translation comprising: 
maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
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table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]); and 

identifying the one of the plurality of routing tables (Table ID 606 identifies the 
routing table 504, para. [0029], see also Fig. 6A) associated with the virtual private 
network (a routing table is associated with a VPN, para. [0028]). 

However, Basso fails to explicitly show the packet includes an MPLS tag indicating a 
virtual private network. 

Ferguson discloses an MPLS tag (tag) indicating a virtual private network (VPN) 
(tag 420 may represent a VPN, col. 8, line 56). 
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At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to include an MPLS tag indicating a VPN as taught in Ferguson with 
Basso to provide for next how information associated with the particular VPN. 
Ferguson, col. 8, lines 58-59. 

6. Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over Basso 
and RFC 2663, and further in view of Kubota et al. (US 2003/0142669). 

With regard to claim 16, the combination of Basso and RFC 2663 discloses the 
method as recited in claim 14. However, Basso fails to explicitly show each entry in the 
routing table includes a VPN identifier identifying the corresponding virtual private 
network. 

Kubota discloses each entry (rows in a routing table) in the routing table (VPN 
routing table 81 in Fig. 8, para. [0099]) includes VPN identifier (VPN column in Fig. 
8, para. [0099]) identifying the corresponding virtual private network. 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine each entry in the routing table includes a VPN identifier 
identifying the corresponding virtual private network as taught in Kubota in Basso and 
RFC 2663 to provide for switching and routing at an edge node. Kubota, Fig. 6. 



Allowable Subject Matter 
7. Claims 1-5,12,13 are allowed. 



Application/Control Number: 10/600,893 
Art Unit: 2619 



Page 13 



8. Claims 1 1 ,1 8-20 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

9. The following is a statement of reasons for the indication of allowable subject 
matter: 

With regard to claim 1 , the prior art of record fails to anticipate or make obvious 
"maintaining a plurality of routing tables, each of the plurality of routing tables being 
associated with a different one of a plurality of virtual private networks; ... receiving a 
default route to a network device providing one or more shared services, the default 
route being advertised by the network device ... wherein each of the shared services is 
available to each of the plurality of virtual private networks; and updating each of the 
routing tables [associated with a different one of a plurality of virtual private networks] 

With regard to claim 1 2, the prior art of record fails to anticipate or make obvious 
"an entry in a translation table including the IP source address, the IP destination 
address, and a virtual private network identifier identifying the virtual private network." 

Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 



1 1 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to BLANCHE WONG whose telephone number is 
(571)272-3177. The examiner can normally be reached on Monday through Friday, 
830am to 530pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on 571-272-7884. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Blanche Wong/ 
Examiner, Art Unit 2619 
March 1 1 , 2008 

/Edan Orgad/ 

Supervisory Patent Examiner, Art Unit 2619 



